$ rpki-client -vvf rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft File: khdBhFmoypIuDWajy6pAZyDLSJA.mft (raw, json) Hash identifier: A1kX7eXO9YF9qxO6WrHOwEcbf/Q4UKVNkAVYd/uSVC4= Subject key identifier: 08:04:17:55:92:55:6B:DF:2E:6F:5E:B4:DA:71:9A:F2:EC:72:2E:07 Authority key identifier: 92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 Certificate issuer: /CN=A9137B39/serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Certificate serial: 0384 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft Manifest number: 037F Signing time: Fri 25 Apr 2025 00:39:33 +0000 Manifest this update: Fri 25 Apr 2025 00:39:33 +0000 Manifest next update: Fri 02 May 2025 00:39:33 +0000 Files and hashes: 1: khdBhFmoypIuDWajy6pAZyDLSJA.crl (hash: gi6WyO/eckqPLpYK9/H2JWDCjcRA63ESKIrtFZnfNto=) 2: 44FBB466A03911EC9AD2F840C4F9AE02.roa (hash: u8Y2qHn4dP492v5Q3muwggQyuBR/yx2lsL2jNNDR8KY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:39:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 900 (0x384) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137B39, serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Validity Not Before: Apr 25 00:39:33 2025 GMT Not After : May 2 00:39:33 2025 GMT Subject: CN=680ad9c5-8064 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:04:e3:40:2b:40:21:da:ac:9b:7f:df:90:4f: 60:33:a4:16:63:4d:73:58:6e:32:b3:8d:dd:c9:75: da:f5:25:3b:34:03:4f:ed:64:58:75:e3:0f:18:46: ed:8e:00:0d:56:06:6a:9e:4e:83:f3:2f:1c:fc:ed: a5:13:ab:45:b6:16:7c:ea:eb:a1:46:47:e2:86:f2: 7c:b5:97:b2:15:7c:df:d6:28:b9:cb:6f:ad:bb:e6: 0e:36:f4:d2:03:bc:6d:b6:1d:7e:ee:a4:e9:fc:f5: d3:aa:60:5f:b7:05:c6:c6:20:9a:8d:e3:ae:01:3c: b6:c3:0c:b7:2a:be:04:55:e1:33:04:e4:be:c3:c8: 4e:b0:bf:2f:f8:20:90:94:9b:c3:c9:64:04:02:bb: a3:ee:e5:e1:2b:95:d8:b2:db:e4:26:ee:ec:15:5e: e6:c2:60:00:23:5c:c9:f6:9a:e4:21:eb:5c:93:b7: c4:92:66:7a:e8:67:a2:31:c4:a7:a9:f5:73:29:e8: 3d:a5:c3:59:b2:41:cd:5f:e0:3e:8a:8a:b2:77:76: bd:a9:f3:06:cf:04:ec:18:ba:6b:ad:35:71:07:c9: d4:2b:ce:aa:a2:02:9d:18:3f:07:e0:7c:41:70:11: a9:03:c7:2d:85:15:5a:0b:37:3c:33:8d:ae:41:6c: c1:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:04:17:55:92:55:6B:DF:2E:6F:5E:B4:DA:71:9A:F2:EC:72:2E:07 X509v3 Authority Key Identifier: keyid:92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:cf:56:cb:67:5e:f4:ad:cd:7a:f5:d8:08:64:da:71:50:99: 15:d8:bd:45:c9:b5:03:62:69:e5:a4:04:60:0f:c3:63:f9:8c: 4a:f1:8f:ce:15:58:c6:41:9e:3f:1a:4d:6a:6e:1e:8a:59:cd: 3c:41:9a:52:f9:51:bf:34:72:7d:c4:51:7a:7e:9a:a4:87:13: 8f:be:80:d3:aa:58:df:b8:ce:2e:85:0b:8a:78:8d:a3:b7:49: cd:da:ff:ce:1a:12:dc:03:e6:1c:46:9b:86:af:87:d7:70:08: fa:74:65:ee:f4:fe:40:58:84:42:b2:89:43:48:48:ea:4c:30: 4b:db:52:37:73:25:0f:e3:d5:cd:b4:75:12:1d:d9:ed:31:c5: 35:df:1d:e7:f3:c2:68:32:64:9a:59:fc:b0:06:25:85:f9:4b: d9:32:ba:0b:98:09:5d:e0:fb:e5:26:98:30:a3:8e:1b:f0:80: b3:55:2f:3e:8d:9c:89:e8:e8:32:e0:7d:4b:72:64:51:db:0e: 5b:39:e6:88:d6:88:03:d3:ec:b3:7d:d2:ed:17:af:55:d2:ba: aa:52:e0:87:a9:ea:c1:04:01:6e:48:9f:24:73:05:15:e6:99: 92:0b:fb:fc:7b:61:b8:d1:fb:d9:9b:6c:5a:0b:5e:7e:bc:08: 47:c5:f5:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA4QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdCMzkxMTAvBgNVBAUTKDkyMTc0MTg0NTlBOENBOTIyRTBENjZBM0NCQUE0MDY3 MjBDQjQ4OTAwHhcNMjUwNDI1MDAzOTMzWhcNMjUwNTAyMDAzOTMzWjAYMRYwFAYD VQQDEw02ODBhZDljNS04MDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9QTjQCtAIdqsm3/fkE9gM6QWY01zWG4ys43dyXXa9SU7NANP7WRYdeMPGEbt jgANVgZqnk6D8y8c/O2lE6tFthZ86uuhRkfihvJ8tZeyFXzf1ii5y2+tu+YONvTS A7xtth1+7qTp/PXTqmBftwXGxiCajeOuATy2wwy3Kr4EVeEzBOS+w8hOsL8v+CCQ lJvDyWQEAruj7uXhK5XYstvkJu7sFV7mwmAAI1zJ9prkIetck7fEkmZ66GeiMcSn qfVzKeg9pcNZskHNX+A+ioqyd3a9qfMGzwTsGLprrTVxB8nUK86qogKdGD8H4HxB cBGpA8cthRVaCzc8M42uQWzBxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAgEF1WS VWvfLm9etNpxmvLsci4HMB8GA1UdIwQYMBaAFJIXQYRZqMqSLg1mo8uqQGcgy0iQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0IzOS9BNzU5OUQ3QUEw MzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lwSXVEV2FqeTZwQVp5RExT SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2toZEJoRm1veXBJdURXYWp5NnBBWnlETFNKQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz N0IzOS9BNzU5OUQ3QUEwMzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lw SXVEV2FqeTZwQVp5RExTSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPz1bLZ170rc169dgIZNpxUJkV2L1FybUDYmnlpARgD8Nj+YxK8Y/O FVjGQZ4/Gk1qbh6KWc08QZpS+VG/NHJ9xFF6fpqkhxOPvoDTqljfuM4uhQuKeI2j t0nN2v/OGhLcA+YcRpuGr4fXcAj6dGXu9P5AWIRCsolDSEjqTDBL21I3cyUP49XN tHUSHdntMcU13x3n88JoMmSaWfywBiWF+UvZMroLmAld4PvlJpgwo44b8ICzVS8+ jZyJ6Ogy4H1LcmRR2w5bOeaI1ogD0+yzfdLtF69V0rqqUuCHqerBBAFuSJ8kcwUV 5pmSC/v8e2G40fvZm2xaC15+vAhHxfV5 -----END CERTIFICATE-----Generated at Sat Apr 26 04:33:57 2025 by rpki-client